iangcarroll / cookiemonsterLinks
πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
β961Updated last year
Alternatives and similar repositories for cookiemonster
Users that are interested in cookiemonster are comparing it to the libraries listed below
Sorting:
- Go client to communicate with Chaos DB API.β812Updated last week
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β1,010Updated last year
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,715Updated last year
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,279Updated 5 months ago
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,135Updated this week
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,036Updated 5 months ago
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filteringβ¦β1,562Updated this week
- Accept URLs on stdin, replace all query string values with a user-supplied valueβ860Updated 3 years ago
- Scrape domain names from SSL certificates of arbitrary hostsβ689Updated last year
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ944Updated 4 years ago
- bypass-url-parserβ1,109Updated last week
- The most exhaustive list of reliable DNS resolvers.β926Updated this week
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ642Updated 6 months ago
- Fetches javascript file from a list of URLS or subdomains.β828Updated 6 months ago
- a javascript change monitoring tool for bugbountiesβ707Updated last year
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,037Updated last year
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β971Updated 2 years ago
- β533Updated 2 months ago
- Obtain GraphQL API schema even if the introspection is disabledβ1,370Updated last month
- Open Redirection Analyzerβ806Updated 2 years ago
- Free, libre, effective, and data-driven wordlists for all!β644Updated 4 years ago
- A python tool used to discover endpoints, potential parameters, a target specific wordlist for a given target and secretsβ1,469Updated last week
- Making Favicon.ico based Recon Great again !β1,258Updated 2 years ago
- A wordlist of API names for web application assessmentsβ862Updated 7 months ago
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,242Updated last month
- PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.β1,276Updated last year
- Automation for javascript recon in bug bounty.β1,063Updated 2 years ago
- Golang client for querying SecurityTrails API dataβ578Updated this week
- An IIS short filename enumeration toolβ1,064Updated last year
- An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirectsβ967Updated 4 years ago